Proof of Concept code of the Shoplift code
This is code exploits a few pretty big flaw in the very popular webshop CMS Magento.
I did not find the exploit, all credits go to Checkpoint. You can read their technical public disclosure here: Analyzing the Magento Vulnerability
Sucuri has a nice blog post about how this flaw is being exploited in the wild: Magento Shoplift (SUPEE-5344) Exploits in the Wild
Byte.nl made a online scanner to see if a website is vulnerable: https://shoplift.byte.nl/markup
python2 poc.py target_address